Fwd: [Urgent] Help with testing TLS 1.2 support

[Rick Hegarty]

I am testing on Windoiws 10 in the USA:

   - If TLS 1.2 is enabled access to *netbeans.org <http://netbeans.org>*
   continues to work fine.
   - If I disable TLS 1.2, and enable TLS 1.0 and 1.1, connection fails.

The error is browser dependent:

   - In Microsoft Edge with TLS 1.2 disabled I get the error *Can’t connect
   securely to this page*.
   - In Firefox with TLS 1.2 disabled I get the error *Secure Connection
   Failed*.

Screen shots of failed connections are attached FYI.

Rick

-- Forwarded message -
From: Glenn Holmer 
Date: Sat, Jul 6, 2019 at 8:34 AM
Subject: Re: [Urgent] Help with testing TLS 1.2 support
To: 


On 7/4/19 6:08 AM, Jiří Kovalský wrote:
> we are looking for volunteers who will quickly verify after the
> change that:
>
> 1. https://netbeans.org continues serving content via TLS 1.2 ciphering
> 2. https://netbeans.org does no longer serve content via TLS 1.0/1.1
> ciphering

Both https://netbeans.org/ and and http://plugins.netbeans.org/ are
accessible here (USA). Tested using Firefox 67.0.4 and Chrome 73.0.3683.75.

-- 
Glenn Holmer (Linux registered user #16682)
"After the vintage season came the aftermath -- and Cenbe."


-
To unsubscribe, e-mail: netcat-unsubscr...@netbeans.apache.org
For additional commands, e-mail: netcat-h...@netbeans.apache.org

For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists

-
To unsubscribe, e-mail: netcat-unsubscr...@netbeans.apache.org
For additional commands, e-mail: netcat-h...@netbeans.apache.org

For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists

Re: [Urgent] Help with testing TLS 1.2 support

[Glenn Holmer]

On 7/4/19 6:08 AM, Jiří Kovalský wrote:
> we are looking for volunteers who will quickly verify after the
> change that:
> 
> 1. https://netbeans.org continues serving content via TLS 1.2 ciphering
> 2. https://netbeans.org does no longer serve content via TLS 1.0/1.1
> ciphering

Both https://netbeans.org/ and and http://plugins.netbeans.org/ are
accessible here (USA). Tested using Firefox 67.0.4 and Chrome 73.0.3683.75.

-- 
Glenn Holmer (Linux registered user #16682)
"After the vintage season came the aftermath -- and Cenbe."


-
To unsubscribe, e-mail: netcat-unsubscr...@netbeans.apache.org
For additional commands, e-mail: netcat-h...@netbeans.apache.org

For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists

Re: [Urgent] Help with testing TLS 1.2 support

[Rick Hegarty]

I just tested on Windows 10 from the USA, and the change looks good:
- https://netbeans.org remains accessible from the browser using TLS 1.2.
- https://netbeans.org is no longer accessible from the browser using TLS
1.0/1.1 when TLS 1.2 is disabled.

Rick

On Fri, Jul 5, 2019 at 6:50 PM Glenn Holmer 
wrote:

> On 7/4/19 6:08 AM, Jiří Kovalský wrote:
> > now we want to disable old TLS 1.0/1.1 security standards on former
> > https://netbeans.org as the step #2 before step #3 i.e.
> > decommissioning. The two dated protocols will be turned off tomorrow
> > - July 5th PDT.
> Was this done? I didn't see any message about it.
>
> > For that we are looking for volunteers who will quickly verify after the
> > change that:
>
> --
> Glenn Holmer (Linux registered user #16682)
> "After the vintage season came the aftermath -- and Cenbe."
>
>
> -
> To unsubscribe, e-mail: netcat-unsubscr...@netbeans.apache.org
> For additional commands, e-mail: netcat-h...@netbeans.apache.org
>
> For further information about the NetBeans mailing lists, visit:
> https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists

RE: [Urgent] Help with testing TLS 1.2 support

[Sagar Shetty]

1.  Hi All,

 

2.  TLS1.0 and TLS1.1 has been disabled on netbeans.org

 

3.  CR ref: HYPERLINK 
"https://occn-jira.oraclecorp.com/browse/NE-18760"NE-18760 

 

-

Thanks & Regards,

Sagar Shetty

ORACLE PEO Network Services

 

 

From: Geertjan Wielenga 
Sent: Friday, July 5, 2019 14:15
To: Jiří Kovalský 
Cc: netcat@netbeans.apache.org; Sagar Shetty 
Subject: Re: [Urgent] Help with testing TLS 1.2 support

 

Sure, when I know it’s been done, happy to pass on the message.

 


Geertjan Wielenga | Senior Principal Product Manager
Phone: +31620320056 | 
Oracle Developer Tools

ORACLE Netherlands | Hertogswetering 163-167 | 3543 AS Utrecht | Netherlands


Oracle is committed to developing practices and products that help protect the 
environment







On 4 Jul 2019, at 20:45, Jiří Kovalský mailto:jiri.koval...@oracle.com"jiri.koval...@oracle.com> wrote:

Sagar/Geertjan,

 can you please send an e-mail to this list (HYPERLINK 
"mailto:netcat@netbeans.apache.org"netcat@netbeans.apache.org) once the TLS 
change is done tomorrow?

So far Rick Hegarty and Eric Barboni are willing to test it.

Thanks,
-Jirka

Dne 04. 07. 19 v 20:08 Rick Hegarty napsal(a):




Hi  Jirka,
I'll be happy to test that tomorrow on Windiows 10...please just email when
the older TLS versions are disabled.
Rick
<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.avg.com_email-2Dsignature-3Futm-5Fmedium-3Demail-26utm-5Fsource-3Dlink-26utm-5Fcampaign-3Dsig-2Demail-26utm-5Fcontent-3Dwebmail&d=DwIFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4&m=ndWQ333lG5HGNGi5EMt5_DExdIEB6rWkI1LCzKfoQIk&s=YcWsbcFmxPAb0YqUpZC4Rwsv1qR6UPkkjcYZYrorfDw&e=
 >
Virus-free.
https://urldefense.proofpoint.com/v2/url?u=http-3A__www.avg.com&d=DwIFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4&m=ndWQ333lG5HGNGi5EMt5_DExdIEB6rWkI1LCzKfoQIk&s=mSmP2yHXA87Is3o791WH8kwy6kTPEvET07Kz__uGV8o&e=
https://urldefense.proofpoint.com/v2/url?u=http-3A__www.avg.com_email-2Dsignature-3Futm-5Fmedium-3Demail-26utm-5Fsource-3Dlink-26utm-5Fcampaign-3Dsig-2Demail-26utm-5Fcontent-3Dwebmail&d=DwIFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4&m=ndWQ333lG5HGNGi5EMt5_DExdIEB6rWkI1LCzKfoQIk&s=YcWsbcFmxPAb0YqUpZC4Rwsv1qR6UPkkjcYZYrorfDw&e=%20"https://urldefense.proofpoint.com/v2/url?u=http-3A__www.avg.com_email-2Dsignature-3Futm-5Fmedium-3Demail-26utm-5Fsource-3Dlink-26utm-5Fcampaign-3Dsig-2Demail-26utm-5Fcontent-3Dwebmail&d=DwIFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4&m=ndWQ333lG5HGNGi5EMt5_DExdIEB6rWkI1LCzKfoQIk&s=YcWsbcFmxPAb0YqUpZC4Rwsv1qR6UPkkjcYZYrorfDw&e=
 >
<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
On Thu, Jul 4, 2019 at 7:08 AM Jiří Kovalský mailto:jiri.koval...@oracle.com"jiri.koval...@oracle.com>
wrote:



Hi NetCATters,

    turning lights off is way easier than turning netbeans.org domain
off and so the latter is a step-by-step process. You all surely know
that we have migrated all the critical content to the new website
https://urldefense.proofpoint.com/v2/url?u=https-3A__netbeans.apache.org&d=DwIFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4&m=ndWQ333lG5HGNGi5EMt5_DExdIEB6rWkI1LCzKfoQIk&s=H_DbS_8W2QMkCuqz-gD7H-tUFbTuv0AeQsa4Y0Hybmc&e=
  which is running TLS 1.2 already and now we
want to disable old TLS 1.0/1.1 security standards on former
https://urldefense.proofpoint.com/v2/url?u=https-3A__netbeans.org&d=DwIFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4&m=ndWQ333lG5HGNGi5EMt5_DExdIEB6rWkI1LCzKfoQIk&s=ncuuHcP4k0LaHOzWvDh7QhPVMAdjXPC2q3yckaaaIow&e=
  as the step #2 before step #3 i.e. decommissioning.
The two dated protocols will be turned off tomorrow - July 5th PDT.

For that we are looking for volunteers who will quickly verify after the
change that:

1. 
https://urldefense.proofpoint.com/v2/url?u=https-3A__netbeans.org&d=DwIFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4&m=ndWQ333lG5HGNGi5EMt5_DExdIEB6rWkI1LCzKfoQIk&s=ncuuHcP4k0LaHOzWvDh7QhPVMAdjXPC2q3yckaaaIow&e=
  continues serving content via TLS 1.2 ciphering
2. 
https://urldefense.proofpoint.com/v2/url?u=https-3A__netbeans.org&d=DwIFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4&m=ndWQ333lG5HGNGi5EMt5_DExdIEB6rWkI1LCzKfoQIk&s=ncuuHcP4k0LaHOzWvDh7QhPVMAdjXPC2q3yckaaaIow&e=
  does no longer serve content via TLS 1.0/1.1
ciphering

If you don't know how to control version of TLS for your browser, please
read here:

htt

Re: [Urgent] Help with testing TLS 1.2 support

[Glenn Holmer]

On 7/4/19 6:08 AM, Jiří Kovalský wrote:
> now we want to disable old TLS 1.0/1.1 security standards on former 
> https://netbeans.org as the step #2 before step #3 i.e.
> decommissioning. The two dated protocols will be turned off tomorrow
> - July 5th PDT.
Was this done? I didn't see any message about it.

> For that we are looking for volunteers who will quickly verify after the
> change that:

-- 
Glenn Holmer (Linux registered user #16682)
"After the vintage season came the aftermath -- and Cenbe."


-
To unsubscribe, e-mail: netcat-unsubscr...@netbeans.apache.org
For additional commands, e-mail: netcat-h...@netbeans.apache.org

For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists

Re: [Urgent] Help with testing TLS 1.2 support

[Geertjan Wielenga]

Sure, when I know it’s been done, happy to pass on the message.


Geertjan Wielenga | Senior Principal Product Manager
Phone: +31620320056 | 
Oracle Developer Tools

ORACLE Netherlands | Hertogswetering 163-167 | 3543 AS Utrecht | Netherlands


Oracle is committed to developing practices and products that help protect the 
environment

> On 4 Jul 2019, at 20:45, Jiří Kovalský  wrote:
> 
> Sagar/Geertjan,
> 
>  can you please send an e-mail to this list (netcat@netbeans.apache.org) once 
> the TLS change is done tomorrow?
> 
> So far Rick Hegarty and Eric Barboni are willing to test it.
> 
> Thanks,
> -Jirka
> 
> Dne 04. 07. 19 v 20:08 Rick Hegarty napsal(a):
> 
>> Hi  Jirka,
>> I'll be happy to test that tomorrow on Windiows 10...please just email when
>> the older TLS versions are disabled.
>> Rick
>> >  >
>> Virus-free.
>> https://urldefense.proofpoint.com/v2/url?u=http-3A__www.avg.com&d=DwIFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4&m=ndWQ333lG5HGNGi5EMt5_DExdIEB6rWkI1LCzKfoQIk&s=mSmP2yHXA87Is3o791WH8kwy6kTPEvET07Kz__uGV8o&e=
>> >  >
>> <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
>> On Thu, Jul 4, 2019 at 7:08 AM Jiří Kovalský 
>> wrote:
>>> Hi NetCATters,
>>> 
>>> turning lights off is way easier than turning netbeans.org domain
>>> off and so the latter is a step-by-step process. You all surely know
>>> that we have migrated all the critical content to the new website
>>> https://urldefense.proofpoint.com/v2/url?u=https-3A__netbeans.apache.org&d=DwIFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4&m=ndWQ333lG5HGNGi5EMt5_DExdIEB6rWkI1LCzKfoQIk&s=H_DbS_8W2QMkCuqz-gD7H-tUFbTuv0AeQsa4Y0Hybmc&e=
>>>   which is running TLS 1.2 already and now we
>>> want to disable old TLS 1.0/1.1 security standards on former
>>> https://urldefense.proofpoint.com/v2/url?u=https-3A__netbeans.org&d=DwIFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4&m=ndWQ333lG5HGNGi5EMt5_DExdIEB6rWkI1LCzKfoQIk&s=ncuuHcP4k0LaHOzWvDh7QhPVMAdjXPC2q3yckaaaIow&e=
>>>   as the step #2 before step #3 i.e. decommissioning.
>>> The two dated protocols will be turned off tomorrow - July 5th PDT.
>>> 
>>> For that we are looking for volunteers who will quickly verify after the
>>> change that:
>>> 
>>> 1. 
>>> https://urldefense.proofpoint.com/v2/url?u=https-3A__netbeans.org&d=DwIFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4&m=ndWQ333lG5HGNGi5EMt5_DExdIEB6rWkI1LCzKfoQIk&s=ncuuHcP4k0LaHOzWvDh7QhPVMAdjXPC2q3yckaaaIow&e=
>>>   continues serving content via TLS 1.2 ciphering
>>> 2. 
>>> https://urldefense.proofpoint.com/v2/url?u=https-3A__netbeans.org&d=DwIFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4&m=ndWQ333lG5HGNGi5EMt5_DExdIEB6rWkI1LCzKfoQIk&s=ncuuHcP4k0LaHOzWvDh7QhPVMAdjXPC2q3yckaaaIow&e=
>>>   does no longer serve content via TLS 1.0/1.1
>>> ciphering
>>> 
>>> If you don't know how to control version of TLS for your browser, please
>>> read here:
>>> 
>>> https://urldefense.proofpoint.com/v2/url?u=https-3A__knowledge.digicert.com_generalinformation_INFO3299.html&d=DwIFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4&m=ndWQ333lG5HGNGi5EMt5_DExdIEB6rWkI1LCzKfoQIk&s=HQSREuh--Nmbu1Q2P__RggfsJR1Tv5K-9--tXuhHKSw&e=
>>> 
>>> In particular I am afraid of disappeared 
>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__plugins.netbeans.org&d=DwIFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4&m=ndWQ333lG5HGNGi5EMt5_DExdIEB6rWkI1LCzKfoQIk&s=jEQRpjqDsVK3p9NQGB1IiqbMu0FgRayOgjrgVGBOUsI&e=
>>> which is only running on HTTP protocol but let's hope for the best. :)
>>> 
>>> Is anyone willing to help with this test in your country on such a short
>>> notice?
>>> 
>>> Thanks a lot,
>>> -Jirka
>>> 
>>> -
>>> To unsubscribe, e-mail: netcat-unsubscr...@netbeans.apache.org
>>> For additional commands, e-mail: netcat-h...@netbeans.apache.org
>>> 
>>> For further information about the NetBeans mailing lists, visit:
>>> h

Re: [Urgent] Help with testing TLS 1.2 support

[José J . Rodriguez]

Jiří Kovalský wrote:

Hi NetCATters,





For that we are looking for volunteers who will quickly verify after the 
change that:


1. https://netbeans.org continues serving content via TLS 1.2 ciphering





Is anyone willing to help with this test in your country on such a short 
notice?



>


SeaMonkey 2.49.4 user here, from Cuba. Turned off TLS 1.0 and 1.1, tried 
to browse to https://netbeans.org and I got this:



Forbidden
You don't have permission to access / on this server.


Anyway, the security information for the site says:


Connection Encrypted (TLS_ECDHE_RSA_WITH_AES_!@*_GCM_SHA256, 128 bit keys)


Tried via tor and the site works ok.


Regards,
Joe1962

-
To unsubscribe, e-mail: netcat-unsubscr...@netbeans.apache.org
For additional commands, e-mail: netcat-h...@netbeans.apache.org

For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists

Re: [Urgent] Help with testing TLS 1.2 support

[Alied Pérez Martínez]

Actually super easy, barely an inconvenience ;-)

just set the tls version:
curl -v https://netbeans.org/ -o /dev/null --tls-max 1.1 2&>
/tmp/netbeans_org_tls1.1.log

As you can see in the logs it's working as intended, tested with curl
7.64.0:
alied@development:~$ curl --version
curl 7.64.0 (x86_64-pc-linux-gnu) libcurl/7.64.0 OpenSSL/1.1.1c
zlib/1.2.11 libidn2/2.0.5 libpsl/0.20.2 (+libidn2/2.0.5) libssh2/1.8.0
nghttp2/1.36.0 librtmp/2.3
Release-Date: 2019-02-06
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps
pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM
NTLM_WB SSL libz TLS-SRP HTTP2 UnixSockets HTTPS-proxy PSL

from Debian testing.

On 7/4/19 8:08 AM, Jiří Kovalský wrote:
> Hi NetCATters,
>
>    turning lights off is way easier than turning netbeans.org domain
> off and so the latter is a step-by-step process. You all surely know
> that we have migrated all the critical content to the new website
> https://netbeans.apache.org which is running TLS 1.2 already and now
> we want to disable old TLS 1.0/1.1 security standards on former
> https://netbeans.org as the step #2 before step #3 i.e.
> decommissioning. The two dated protocols will be turned off tomorrow -
> July 5th PDT.
>
> For that we are looking for volunteers who will quickly verify after
> the change that:
>
> 1. https://netbeans.org continues serving content via TLS 1.2 ciphering
> 2. https://netbeans.org does no longer serve content via TLS 1.0/1.1
> ciphering
>
> If you don't know how to control version of TLS for your browser,
> please read here:
>
> https://knowledge.digicert.com/generalinformation/INFO3299.html
>
> In particular I am afraid of disappeared http://plugins.netbeans.org
> which is only running on HTTP protocol but let's hope for the best. :)
>
> Is anyone willing to help with this test in your country on such a
> short notice?
>
> Thanks a lot,
> -Jirka
>
> -
> To unsubscribe, e-mail: netcat-unsubscr...@netbeans.apache.org
> For additional commands, e-mail: netcat-h...@netbeans.apache.org
>
> For further information about the NetBeans mailing lists, visit:
> https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists
>

* Expire in 0 ms for 6 (transfer 0x55c97b23dd00)
* Expire in 1 ms for 1 (transfer 0x55c97b23dd00)
  % Total% Received % Xferd  Average Speed   TimeTime Time  Current
 Dload  Upload   Total   SpentLeft  Speed

  0 00 00 0  0  0 --:--:-- --:--:-- --:--:-- 0* Expire in 0 ms for 1 (transfer 0x55c97b23dd00)

===Stripped for sanity===

*   Trying 137.254.56.49...
* TCP_NODELAY set
* Expire in 200 ms for 4 (transfer 0x55c97b23dd00)
* Connected to netbeans.org (137.254.56.49) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [87 bytes data]

  0 00 00 0  0  0 --:--:-- --:--:-- --:--:-- 0* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [2777 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [333 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [70 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* TLSv1.2 (IN), TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: C=US; ST=California; L=Redwood City; O=Oracle Corporation; CN=*.netbeans.org
*  start date: Jan 31 00:00:00 2019 GMT
*  expire date: Mar 31 12:00:00 2020 GMT
*  subjectAltName: host "netbeans.org" matched cert's "netbeans.org"
*  issuer: C=US; O=DigiCert Inc; CN=DigiCert SHA2 Secure Server CA
*  SSL certificate verify ok.
} [5 bytes data]
> GET / HTTP/1.1
> Host: netbeans.org
> User-Agent: curl/7.64.0
> Accept: */*
> 
{ [5 bytes data]
< HTTP/1.1 200 OK
< Date: Thu, 04 Jul 2019 19:33:57 GMT
< Server: Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.2n mod_perl/2.0.7 Perl/v5.14.2
< Set-Cookie: PHPSESSID=3efm4q2mt3aho3rlr3o334fgj7; path=/
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
< Pragma: no-cache
< Vary: Accept-Encoding
< Transfer-Encoding: chunked
< Content-Type: text/html
< 
{ [1025 bytes data]

100 163260 163260 0  12349  0 --:--:--  0:00:01 --:--:-- 12349
* Connection #0 to host netbeans.org left intact
* Expire in 0 ms for 6 (transfer 0x55c97b23dd00)
* Expire in 1 ms for 1 (transfer 0x55c97b23dd0

Re: [Urgent] Help with testing TLS 1.2 support

[Glenn Holmer]

On 7/4/19 6:08 AM, Jiří Kovalský wrote:
>    turning lights off is way easier than turning netbeans.org domain off
> and so the latter is a step-by-step process. You all surely know that we
> have migrated all the critical content to the new website
> https://netbeans.apache.org which is running TLS 1.2 already and now we
> want to disable old TLS 1.0/1.1 security standards on former
> https://netbeans.org as the step #2 before step #3 i.e. decommissioning.
> The two dated protocols will be turned off tomorrow - July 5th PDT.
> 
> For that we are looking for volunteers who will quickly verify after the
> change that:
> 
> 1. https://netbeans.org continues serving content via TLS 1.2 ciphering
> 2. https://netbeans.org does no longer serve content via TLS 1.0/1.1
> ciphering

So, just verify that the browser supports 1.2 (mine does) and that
https://netbeans.org is accessible?

-- 
Glenn Holmer (Linux registered user #16682)
"After the vintage season came the aftermath -- and Cenbe."


-
To unsubscribe, e-mail: netcat-unsubscr...@netbeans.apache.org
For additional commands, e-mail: netcat-h...@netbeans.apache.org

For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists

Re: [Urgent] Help with testing TLS 1.2 support

[Jiří Kovalský]

Sagar/Geertjan,

  can you please send an e-mail to this list 
(netcat@netbeans.apache.org) once the TLS change is done tomorrow?


So far Rick Hegarty and Eric Barboni are willing to test it.

Thanks,
-Jirka

Dne 04. 07. 19 v 20:08 Rick Hegarty napsal(a):


Hi  Jirka,

I'll be happy to test that tomorrow on Windiows 10...please just email when
the older TLS versions are disabled.

Rick


Virus-free.
https://urldefense.proofpoint.com/v2/url?u=http-3A__www.avg.com&d=DwIFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4&m=ndWQ333lG5HGNGi5EMt5_DExdIEB6rWkI1LCzKfoQIk&s=mSmP2yHXA87Is3o791WH8kwy6kTPEvET07Kz__uGV8o&e=

<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>

On Thu, Jul 4, 2019 at 7:08 AM Jiří Kovalský 
wrote:


Hi NetCATters,

 turning lights off is way easier than turning netbeans.org domain
off and so the latter is a step-by-step process. You all surely know
that we have migrated all the critical content to the new website
https://urldefense.proofpoint.com/v2/url?u=https-3A__netbeans.apache.org&d=DwIFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4&m=ndWQ333lG5HGNGi5EMt5_DExdIEB6rWkI1LCzKfoQIk&s=H_DbS_8W2QMkCuqz-gD7H-tUFbTuv0AeQsa4Y0Hybmc&e=
  which is running TLS 1.2 already and now we
want to disable old TLS 1.0/1.1 security standards on former
https://urldefense.proofpoint.com/v2/url?u=https-3A__netbeans.org&d=DwIFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4&m=ndWQ333lG5HGNGi5EMt5_DExdIEB6rWkI1LCzKfoQIk&s=ncuuHcP4k0LaHOzWvDh7QhPVMAdjXPC2q3yckaaaIow&e=
  as the step #2 before step #3 i.e. decommissioning.
The two dated protocols will be turned off tomorrow - July 5th PDT.

For that we are looking for volunteers who will quickly verify after the
change that:

1. 
https://urldefense.proofpoint.com/v2/url?u=https-3A__netbeans.org&d=DwIFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4&m=ndWQ333lG5HGNGi5EMt5_DExdIEB6rWkI1LCzKfoQIk&s=ncuuHcP4k0LaHOzWvDh7QhPVMAdjXPC2q3yckaaaIow&e=
  continues serving content via TLS 1.2 ciphering
2. 
https://urldefense.proofpoint.com/v2/url?u=https-3A__netbeans.org&d=DwIFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4&m=ndWQ333lG5HGNGi5EMt5_DExdIEB6rWkI1LCzKfoQIk&s=ncuuHcP4k0LaHOzWvDh7QhPVMAdjXPC2q3yckaaaIow&e=
  does no longer serve content via TLS 1.0/1.1
ciphering

If you don't know how to control version of TLS for your browser, please
read here:

https://urldefense.proofpoint.com/v2/url?u=https-3A__knowledge.digicert.com_generalinformation_INFO3299.html&d=DwIFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4&m=ndWQ333lG5HGNGi5EMt5_DExdIEB6rWkI1LCzKfoQIk&s=HQSREuh--Nmbu1Q2P__RggfsJR1Tv5K-9--tXuhHKSw&e=

In particular I am afraid of disappeared 
https://urldefense.proofpoint.com/v2/url?u=http-3A__plugins.netbeans.org&d=DwIFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4&m=ndWQ333lG5HGNGi5EMt5_DExdIEB6rWkI1LCzKfoQIk&s=jEQRpjqDsVK3p9NQGB1IiqbMu0FgRayOgjrgVGBOUsI&e=
which is only running on HTTP protocol but let's hope for the best. :)

Is anyone willing to help with this test in your country on such a short
notice?

Thanks a lot,
-Jirka

-
To unsubscribe, e-mail: netcat-unsubscr...@netbeans.apache.org
For additional commands, e-mail: netcat-h...@netbeans.apache.org

For further information about the NetBeans mailing lists, visit:
https://urldefense.proofpoint.com/v2/url?u=https-3A__cwiki.apache.org_confluence_display_NETBEANS_Mailing-2Blists&d=DwIFaQ&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4&m=ndWQ333lG5HGNGi5EMt5_DExdIEB6rWkI1LCzKfoQIk&s=t-DaWwxwqrW0Zuyvy1xU-k0Af1OSDlkaVTH30g8HUQ8&e=






-
To unsubscribe, e-mail: netcat-unsubscr...@netbeans.apache.org
For additional commands, e-mail: netcat-h...@netbeans.apache.org

For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/dis

Re: [Urgent] Help with testing TLS 1.2 support

[Rick Hegarty]

Hi  Jirka,

I'll be happy to test that tomorrow on Windiows 10...please just email when
the older TLS versions are disabled.

Rick


Virus-free.
www.avg.com

<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>

On Thu, Jul 4, 2019 at 7:08 AM Jiří Kovalský 
wrote:

> Hi NetCATters,
>
> turning lights off is way easier than turning netbeans.org domain
> off and so the latter is a step-by-step process. You all surely know
> that we have migrated all the critical content to the new website
> https://netbeans.apache.org which is running TLS 1.2 already and now we
> want to disable old TLS 1.0/1.1 security standards on former
> https://netbeans.org as the step #2 before step #3 i.e. decommissioning.
> The two dated protocols will be turned off tomorrow - July 5th PDT.
>
> For that we are looking for volunteers who will quickly verify after the
> change that:
>
> 1. https://netbeans.org continues serving content via TLS 1.2 ciphering
> 2. https://netbeans.org does no longer serve content via TLS 1.0/1.1
> ciphering
>
> If you don't know how to control version of TLS for your browser, please
> read here:
>
> https://knowledge.digicert.com/generalinformation/INFO3299.html
>
> In particular I am afraid of disappeared http://plugins.netbeans.org
> which is only running on HTTP protocol but let's hope for the best. :)
>
> Is anyone willing to help with this test in your country on such a short
> notice?
>
> Thanks a lot,
> -Jirka
>
> -
> To unsubscribe, e-mail: netcat-unsubscr...@netbeans.apache.org
> For additional commands, e-mail: netcat-h...@netbeans.apache.org
>
> For further information about the NetBeans mailing lists, visit:
> https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists
>
>

[Urgent] Help with testing TLS 1.2 support

[Jiří Kovalský]

Hi NetCATters,

   turning lights off is way easier than turning netbeans.org domain 
off and so the latter is a step-by-step process. You all surely know 
that we have migrated all the critical content to the new website 
https://netbeans.apache.org which is running TLS 1.2 already and now we 
want to disable old TLS 1.0/1.1 security standards on former 
https://netbeans.org as the step #2 before step #3 i.e. decommissioning. 
The two dated protocols will be turned off tomorrow - July 5th PDT.


For that we are looking for volunteers who will quickly verify after the 
change that:


1. https://netbeans.org continues serving content via TLS 1.2 ciphering
2. https://netbeans.org does no longer serve content via TLS 1.0/1.1 
ciphering


If you don't know how to control version of TLS for your browser, please 
read here:


https://knowledge.digicert.com/generalinformation/INFO3299.html

In particular I am afraid of disappeared http://plugins.netbeans.org 
which is only running on HTTP protocol but let's hope for the best. :)


Is anyone willing to help with this test in your country on such a short 
notice?


Thanks a lot,
-Jirka

-
To unsubscribe, e-mail: netcat-unsubscr...@netbeans.apache.org
For additional commands, e-mail: netcat-h...@netbeans.apache.org

For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists